You are here

Policing cyberspace

Most people envision cybercrime looking like the movies, where slick tech geniuses sit behind keyboards writing elaborate programs to outsmart major computer networks.

But oftentimes, the truth can be as simple as criminals tricking users into clicking on web links contained in clever but fake emails from familiar companies that promise free gifts, seek to help fix your “full” email inbox or track bogus packages being delivered to your home.

ANU College of Asia and the Pacific’s Cybercrime Observatory ran an experiment on a group of students to see if they would click on these so-called phishing emails that used fake enticements to open bogus links. Large numbers of students clicked on these phishing links, especially one that was titled “exam schedule changed.”

“The victim is ‘socially engineered’ into opening it,” said Professor Roderic Broadhurst, who heads the Cybercrime Observatory. “You’re allowing the trespass or the intrusion. So it’s not hacking or using brute force to crack a password.”

Broadhurst has conducted research into spam, a practice that sends out thousands of emails and offers criminals a high return for a modest investment. One project churned through a sample of more than 13 million emails identified as spam, ran them through databases of known malicious software, known as malware, and found that about 1.5 million contained either malicious web links or attachments designed to steal information or plant destructive malware.

But spam is only one of a wide range of internet-related criminal trends that the observatory monitors, which also includes illicit online markets, malware or crime-as-a-service, and botnet attacks – where personal computers are taken over and used by criminals to disrupt a legitimate computer network.

Additionally, the observatory trains undergraduate and postgraduate students in cybersecurity and cybercrime prevention, providing them with real-world law-enforcement and technology experience. Its students were the first to be invited to use the high-end technology at the Australian Cyber Security Centre, which houses police and intelligence agencies focused on preventing hacking into Australian computer networks.

After gaining hands-on experience, the lab’s graduates usually get snapped up for jobs in the government or law-enforcement fields because of the high demand for computer expertise, said Broadhurst, who began his career in the prison and corrections sector.

His research has spanned across criminology and includes work on offender treatment and rehabilitation, crime prevention, and homicide analyses. Broadhurst jumped into the cyber arena more than 15 years ago while he was working in Asia at a time when Microsoft was offering seminars and conferences to law-enforcement communities in its attempt to thwart intellectual property theft.

He has learned to be comfortable with technology, and he sees many similarities between crimes committed online and in the real world. While fingerprints or fibre traces usually are left at crime scenes, cyber criminals often leave digital clues in their computer code or online forums, Broadhurst said.

“We spend a lot of time hanging around forum discussions and scraping (data) from dark nets and clear networks,” he said. “The most popular trend currently is attacks on Bitcoin miners – stealing their computer power.”

But technology often adds a layer of complexity as well as some twists to modern crime.

Some of the observatory’s projects include:

investigating methods of producing firearms using 3-D printers. While Australia bans or places controls on most weapons, citizens can buy electronic milling machines that can produce a range of goods, including guns. Printers have even been preloaded with blueprints to design digital weapons, Broadhurst said.

determining what goods and services are sold on dark net markets. In 2017, the observatory identified Dream Market as the largest English-language dark net market in the world and that illegal drugs comprised nearly half its products for sale. Dark net markets also sell forged passports, weapons and various types of hacking and malware software, Broadhurst said, although many of them are scams as well.

the growing trend of malware-as-a-service. Consumers can buy various software packages or hire hackers on dark net markets to steal information by loading a keystroke logger onto a computer or freeze a corporate computer network unless ransom is paid.

Sometimes cybercrime gets overshadowed by all the attention paid to the threats stemming from cybersecurity. The difference between the two is that while cybersecurity tries to protect computer networks from invading hackers, cybercrime involves criminal activity that employs technology.

“The current government and industry conversation is about cybersecurity. Cybersecurity is about the technology and about what criminologist would call the crime proofing of software and hardware so that it relatively safe from cyber attacks,” Broadhurst said. “It doesn’t, unfortunately, stop cybercrime.”

Research funded by: Criminology Research Council, Australian Federal Police, Korean Institute of Criminology